1 .TH LDAP_GET_DN 3 "RELEASEDATE" "OpenLDAP LDVERSION"
3 .\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
4 .\" Copying restrictions apply. See COPYRIGHT/LICENSE.
6 ldap_get_dn, ldap_explode_dn, ldap_explode_rdn, ldap_dn2ufn \- LDAP DN handling routines
13 char *ldap_get_dn( LDAP *ld, LDAPMessage *entry )
16 int ldap_str2dn( const char *str, LDAPDN **dn, unsigned flags )
19 int ldap_dn2str( LDAPDN *dn, char **str, unsigned flags )
22 char **ldap_explode_dn( const char *dn, int notypes )
25 char **ldap_explode_rdn( const char *rdn, int notypes )
28 char *ldap_dn2ufn( const char * dn )
31 char *ldap_dn2dcedn( const char * dn )
34 char *ldap_dcedn2dn( const char * dn )
37 char *ldap_dn2ad_canonical( const char * dn )
39 These routines allow LDAP entry names (Distinguished Names, or DNs)
40 to be obtained, parsed, converted to a user-friendly form, and tested.
41 A DN has the form described in
42 RFC 2253 "Lightweight Directory Access Protocol (v3):
43 UTF-8 String Representation of Distinguished Names".
47 routine takes an \fIentry\fP as returned by
48 .BR ldap_first_entry (3)
50 .BR ldap_next_entry (3)
52 the entry's DN. Space for the DN will be obtained dynamically
53 and should be freed by the caller using
57 parses a string representation of a distinguished name contained in
64 structures, arranged in
73 typedef struct ldap_ava {
75 struct berval *la_value;
79 typedef LDAPAVA** LDAPRDN;
80 typedef LDAPRDN** LDAPDN;
84 The attribute types and the attribute values are not normalized.
91 the latter meaning that the value is BER/DER encoded and thus must
92 be represented as, quoting from RFC 2253, " ... an
93 octothorpe character ('#' ASCII 35) followed by the hexadecimal
94 representation of each of the bytes of the BER encoding of the X.500
103 LDAP_DN_FORMAT_LDAPV3
104 LDAP_DN_FORMAT_LDAPV2
108 which defines what DN syntax is expected (according to RFC 2253,
109 RFC 1779 and DCE, respectively).
110 The format can be \fIOR\fPed to the flags
114 LDAP_DN_P_NO_SPACE_AFTER_RDN
119 The latter is a shortcut for all the previous limitations.
121 .B LDAP_DN_P_NO_SPACES
122 does not allow extra spaces in the dn; the default is to silently
123 eliminate spaces around AVA separators ('='), RDN component separators
124 ('+' for LDAPv3/LDAPv2 or ',' for DCE) and RDN separators
125 (',' LDAPv3/LDAPv2 or '/' for DCE).
127 .B LDAP_DN_P_NO_SPACE_AFTER_RDN
128 does not allow a single space after RDN separators.
131 performs the inverse operation, yielding in
133 a string representation of
135 It allows the same values for
143 LDAP_DN_FORMAT_AD_CANONICAL
146 for user-friendly naming (RFC 1781) and AD canonical.
148 The following routines are viewed as deprecated in favor of
152 They are provided to support legacy applications.
156 routine takes a DN as returned by
158 and breaks it up into its component parts. Each part is known as a
159 Relative Distinguished Name, or RDN.
162 NULL-terminated array, each component of which contains an RDN from the
163 DN. The \fInotypes\fP parameter is used to request that only the RDN
164 values be returned, not their types. For example, the DN "cn=Bob,
165 c=US" would return as either { "cn=Bob", "c=US", NULL } or { "Bob",
166 "US", NULL }, depending on whether notypes was 0 or 1, respectively.
167 Assertion values in RDN strings may included escaped characters.
168 The result can be freed by calling
169 .BR ldap_value_free (3).
172 .B ldap_explode_rdn()
173 routine takes an RDN as returned by
174 .B ldap_explode_dn(dn,0)
175 and breaks it up into its "type=value" component parts (or just "value",
176 if the \fInotypes\fP parameter is set). Note the value is not
177 unescaped. The result can be freed by calling
178 .BR ldap_value_free (3).
181 is used to turn a DN as returned by
183 into a more user-friendly form, stripping off all type names. See
184 "Using the Directory to Achieve User Friendly Naming" (RFC 1781)
185 for more details on the UFN format. Due to the ambigious nature
186 of the format, it is generally only used for display purposes.
187 The space for the UFN returned is obtained dynamically and the user
188 is responsible for freeing it via a call to
189 .BR ldap_memfree (3).
192 is used to turn a DN as returned by
194 into a DCE-style DN, e.g. a string with most-significant to least
195 significant rdns separated by slashes ('/'); rdn components
196 are separated by commas (',').
197 Only printable chars (e.g. LDAPv2 printable string) are allowed,
198 at least in this implementation.
200 performs the opposite operation.
201 .B ldap_dn2ad_canonical()
202 turns a DN into a AD canonical name, which is basically a DCE dn
203 with attribute types omitted.
204 The trailing domain, if present, is turned in a DNS-like domain.
205 The space for the returned value is obtained dynamically and the user
206 is responsible for freeing it via a call to
207 .BR ldap_memfree (3).
209 If an error occurs in
211 NULL is returned and the
213 field in the \fIld\fP parameter is set to indicate the error. See
215 for a description of possible error codes.
216 .BR ldap_explode_dn() ,
217 .BR ldap_explode_rdn() ,
222 .B ldap_dn2ad_canonical()
223 will return NULL with
225 set appropriately in case of trouble.
227 These routines dynamically allocate memory that the caller must free.
231 .BR ldap_first_entry (3),
232 .BR ldap_memfree (3),
233 .BR ldap_value_free (3)
236 is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
238 is derived from University of Michigan LDAP 3.3 Release.